When it comes to surviving a tech fail or hack, there’s no magic bullet, but humility helps. Depending on what failed, or the extent of the hacking, you could have some serious problems on your hands, especially if it took you a while to even figure out something happened.
If you have a strong backup protocol, you won’t have as much to worry about, unless you discover that your backup failed, or was corrupted. In case of a tech fail or hack, you can follow the three basic steps below.
Step 1: Do You Already Have a Plan? Execute It, Then Assess the Damage
If you have a crisis management plan that includes what to do in case of a hack or tech failure, or a similar incident, it’s time to pull that plan out of the binder and put it into action. If you don’t have a tech fail/hack emergency response plan, you might want to consider developing one after you get through your current crisis.
Generally, your plan should start by assessing the damage, and figuring out how to avoid future damage (such as by changing all your passwords and turning on multifactor authentication). And since you’re a lawyer and not a tech guru, having a list of skilled tech professionals that you can call for help is particularly helpful in figuring out what actually happened and what to do next.
Step 2: Restore From Back Up
Hopefully, part of your cybersecurity and data protection measures involves regular backups so that any potential data loss from a tech fail or a ransomware attack, for instance, doesn’t have to be a total loss.
However, after a hack, it would be wise to consult a cybersecurity professional before attempting to actually restore from your backup as you need to be sure your systems are safe (and hacker free).
Step 3: Damage Control
Unfortunately, for attorneys, after a system hack, there may be ethical duties to report the breach to clients, which can certainly cause some embarrassment and reputational damage. However, it is critical that clients learn the news from their attorney rather than a media source.